[Bps-public-commit] rt-authen-externalauth branch, dbi-password-check-callback, created. 0.09-9-g22ba2bf

Ruslan Zakirov ruz at bestpractical.com
Wed Nov 16 10:01:32 EST 2011 

The branch, dbi-password-check-callback has been created
        at  22ba2bfa8d59a00354712e63daaa5d622e39cf4d (commit)

- Log -----------------------------------------------------------------
commit 22ba2bfa8d59a00354712e63daaa5d622e39cf4d
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date:   Wed Nov 16 18:58:25 2011 +0400

    add new option p_check to DBI auth module
    
    p_check should be a code reference that takes password's HASH
    and password user entered, returns boolean that indicates whether
    password is correct or not

diff --git a/lib/RT/Authen/ExternalAuth/DBI.pm b/lib/RT/Authen/ExternalAuth/DBI.pm
index 7099632..c7f55ec 100644
--- a/lib/RT/Authen/ExternalAuth/DBI.pm
+++ b/lib/RT/Authen/ExternalAuth/DBI.pm
@@ -15,6 +15,7 @@ sub GetAuth {
     my $db_table        = $config->{'table'};
     my $db_u_field      = $config->{'u_field'};
     my $db_p_field 	    = $config->{'p_field'};
+    my $db_p_check      = $config->{'p_check'};
     my $db_p_enc_pkg    = $config->{'p_enc_pkg'};
     my $db_p_enc_sub    = $config->{'p_enc_sub'};
     my $db_p_salt       = $config->{'p_salt'};
@@ -57,6 +58,34 @@ sub GetAuth {
     
     # Get the user's password from the database query result
     my $pass_from_db = $results_hashref->{$username}->{$db_p_field};        
+
+    if ( $db_p_check ) {
+        unless ( ref $db_p_check eq 'CODE' ) {
+            $RT::Logger->error( "p_check for $service is not a code" );
+            return 0;
+        }
+        my $check = 0;
+        local $@;
+        eval {
+            $check = $db_p_check->( $pass_from_db, $password );
+            1;
+        } or do {
+            $RT::Logger->error( "p_check for $service failed: $@" );
+            return 0;
+        };
+        unless ( $check ) {
+            $RT::Logger->info(
+                "$service AUTH FAILED for $username: Password Incorrect"
+            );
+        } else {
+            $RT::Logger->info(  (caller(0))[3], 
+                                "External Auth OK (",
+                                $service,
+                                "):", 
+                                $username);
+        }
+        return $check;
+    }
 
     # This is the encryption package & subroutine passed in by the config file
     $RT::Logger->debug( "Encryption Package:",

-----------------------------------------------------------------------

More information about the Bps-public-commit mailing list